<?php
session_start();
/*
 * Session variables:
 * $_SESSION['view_building'] [serial] = id of building acting on
 * $_SESSION['type'] [string] = user type of the logged in user
 * $_SESSION['authorised'] [boolean] = whether or not the current user is logged in
 */

if(isset($_SESSION['authorised']) && $_SESSION['authorised'] == true)
{   
    if(isset($_SESSION['type']))
    {
        if($_SESSION['type'] == 'administrator')
        {
			include ('connection.inc');
			$action_string = $_POST['action'];
			$action_parts = explode(" ", $action_string);
			$action =  $action_parts[0];
			$building_id = $action_parts[1];
			
			if ($action=='Delete')
			{
				$sql="Delete from buildings where building_id=$building_id";
				$result=pg_query($sql);
				header('Location:admin_managebuildings.php');
				exit();
			}		
			elseif($action=='View')
			{
				$_SESSION['view_building']=$building_id;
				header('Location:admin_viewbuilding.php');
				exit();
			}
			elseif($action=='Edit')
			{
				$_SESSION['edit_building']=$building_id;
				header('Location:admin_editbuilding.php');
				exit();
			}				
        }
        elseif($_SESSION['type'] == 'student')
        {
            header('Location: student_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'tutor')
        {
            header('Location: tutor_index.php');
            exit();
        }
        elseif($_SESSION['type'] == 'parent')
        {
            header('Location: parent_index.php');
            exit();
        }
    }
}
else
{
    header('Location: index.php');
}
?>
